Product Security Engineer

About The Position

Requirements

• 5+ years of demonstrable experience as a Security Engineer, Application Security Engineer, or Product Security Engineer within a highly complex, rapidly scaling software organization.
• Proficiency in modern programming languages (such as Python, Typescript, etc.), knowledge of security tools (e.g., Burp Suite, OWASP ZAP), and familiarity with modern security protocols and encryption methods.
• Implemented AI to rapidly identify, validate, and scale security programs.
• Deep, practical knowledge of container security (Kubernetes), compute constraints, and securing ephemeral workloads across major public cloud platforms (AWS, GCP, Azure) and on-premises environments.
• Hands-on experience deploying, tuning, and automating SAST, DAST, and CI/CD pipeline security tools.
• Specific operational experience configuring and driving remediation through cloud security platforms.
• Proven experience securing large-scale platform migrations and managing the distinct security lifecycles of both legacy systems and modern microservices.

Nice To Haves

• Direct professional experience in the autonomous vehicle, automotive, aerospace, or defense sectors.
• Familiarity with physics-based simulation environments, deterministic computing constraints, or managing High-Performance Computing (HPC) clusters.
• Demonstrable contributions to open-source security tools, published vulnerability research, or recognized vulnerability disclosures (CVEs)

Responsibilities

• Analyze Applied Intuition’s applications and system architectures from their inception to release.
• Proactively identify potential security vulnerabilities and integrate robust security controls and conduct architecture reviews and threat modeling.
• Conduct regular security assessments and utilize AI-assisted testing on products and systems to systematically identify and mitigate vulnerabilities before they can be exploited.
• Assist in maturing Applied’s vulnerability management program and drive risk-contextualized resolutions discovered through various security platforms, collaborating closely with development teams.
• Provide continuous guidance and education to developers on secure coding practices, emerging threats, and general security best practices to cultivate a security-conscious culture.
• Collaborate with incident response teams and join security incident calls that impact product operations and create targeted remediation suggestions based on current threat landscapes.
• Work alongside software engineers to mature automated SAST and DAST tooling to secure development frameworks and CI/CD pipelines.

Benefits

• equity in the form of options and/or restricted stock units
• comprehensive health, dental, vision, life and disability insurance coverage
• 401k retirement benefits with employer match
• learning and wellness stipends
• paid time off